SQL Database

Azure SQL Database is a cloud-based relational database service that offers a fully managed database platform that is highly available, scalable, and secure. It supports multiple deployment options, provides automatic patching, backup and recovery, high availability, and disaster recovery capabilities, and includes built-in intelligence and advanced analytics features. Azure SQL Database offers different service tiers with varying performance levels, storage capacities, and prices to meet various workload requirements, and supports several programming languages and connectivity options.

Terraform Name

azurerm_sql_database

SQL Database

attributes:

The following arguments are supported:

name - (Required) The name of the database. Changing this forces a new resource to be created.
resource_group_name - (Required) The name of the resource group in which to create the database. This must be the same as Database Server resource group currently. Changing this forces a new resource to be created.
location - (Required) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
server_name - (Required) The name of the SQL Server on which to create the database. Changing this forces a new resource to be created.
create_mode - (Optional) Specifies how to create the database. Valid values are: Default, Copy, OnlineSecondary, NonReadableSecondary, PointInTimeRestore, Recovery, Restore or RestoreLongTermRetentionBackup. Must be Default to create a new database. Defaults to Default. Please see Azure SQL Database REST API
import - (Optional) A Database Import block as documented below. create_mode must be set to Default.
source_database_id - (Optional) The URI of the source database if create_mode value is not Default.
restore_point_in_time - (Optional) The point in time for the restore. Only applies if create_mode is PointInTimeRestore, it should be provided in RFC3339 format, e.g. 2013-11-08T22:00:40Z.
edition - (Optional) The edition of the database to be created. Applies only if create_mode is Default. Valid values are: Basic, Standard, Premium, DataWarehouse, Business, BusinessCritical, Free, GeneralPurpose, Hyperscale, Premium, PremiumRS, Standard, Stretch, System, System2, or Web. Please see Azure SQL database models.
collation - (Optional) The name of the collation. Applies only if create_mode is Default. Azure default is SQL_LATIN1_GENERAL_CP1_CI_AS. Changing this forces a new resource to be created.
max_size_bytes - (Optional) The maximum size that the database can grow to. Applies only if create_mode is Default. Please see Azure SQL database models.
requested_service_objective_id - (Optional) A GUID/UUID corresponding to a configured Service Level Objective for the Azure SQL database which can be used to configure a performance level. .
requested_service_objective_name - (Optional) The service objective name for the database. Valid values depend on edition and location and may include S0, S1, S2, S3, P1, P2, P4, P6, P11 and ElasticPool. You can list the available names with the CLI: shell az sql db list-editions -l westus -o table. For further information please see Azure CLI - az sql db.
source_database_deletion_date - (Optional) The deletion date time of the source database. Only applies to deleted databases where create_mode is PointInTimeRestore.
elastic_pool_name - (Optional) The name of the elastic database pool.
threat_detection_policy - (Optional) Threat detection policy configuration. The threat_detection_policy block supports fields documented below.
read_scale - (Optional) Read-only connections will be redirected to a high-available replica. Please see Use read-only replicas to load-balance read-only query workloads.
zone_redundant - (Optional) Whether or not this database is zone redundant, which means the replicas of this database will be spread across multiple availability zones.
tags - (Optional) A mapping of tags to assign to the resource.

The import block supports the following:

storage_uri - (Required) Specifies the blob URI of the .bacpac file.
storage_key - (Required) Specifies the access key for the storage account.
storage_key_type - (Required) Specifies the type of access key for the storage account. Valid values are StorageAccessKey or SharedAccessKey.
administrator_login - (Required) Specifies the name of the SQL administrator.
administrator_login_password - (Required) Specifies the password of the SQL administrator.
authentication_type - (Required) Specifies the type of authentication used to access the server. Valid values are SQL or ADPassword.
operation_mode - (Optional) Specifies the type of import operation being performed. The only allowable value is Import.

The threat_detection_policy block supports the following:

state - (Optional) The State of the Policy. Possible values are Enabled, Disabled or New.
disabled_alerts - (Optional) Specifies a list of alerts which should be disabled. Possible values include Access_Anomaly, Sql_Injection and Sql_Injection_Vulnerability.
email_account_admins - (Optional) Should the account administrators be emailed when this alert is triggered? Possible values are Disabled and Enabled.
email_addresses - (Optional) A list of email addresses which alerts should be sent to.
retention_days - (Optional) Specifies the number of days to keep in the Threat Detection audit logs.
storage_account_access_key - (Optional) Specifies the identifier key of the Threat Detection audit storage account. Required if state is Enabled.
storage_endpoint - (Optional) Specifies the blob storage endpoint (e.g. https://example.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. Required if state is Enabled.

‍

Associating resources with a

SQL Database

Resources do not "belong" to a

SQL Database

Rather, one or more Security Groups are associated to a resource.

Create

SQL Database

via Terraform:

The following HCL allows you to manage an Azure SQL Database

Syntax:

resource "azurerm_resource_group" "example" {
name = "example-resources"
location = "West Europe"
}

resource "azurerm_sql_server" "example" {
name = "myexamplesqlserver"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
version = "12.0"
administrator_login = "4dm1n157r470r"
administrator_login_password = "4-v3ry-53cr37-p455w0rd"

tags = {
environment = "production"
}
}

resource "azurerm_storage_account" "example" {
name = "examplesa"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
account_tier = "Standard"
account_replication_type = "LRS"
}

resource "azurerm_sql_database" "example" {
name = "myexamplesqldatabase"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
server_name = azurerm_sql_server.example.name

tags = {
environment = "production"
}
}

Create

SQL Database

via CLI:

Parameters:

az sql db create --name
--resource-group
--server
[--assign-identity {false, true}]
[--auto-pause-delay]
[--availability-zone]
[--backup-storage-redundancy]
[--capacity]
[--catalog-collation {DATABASE_DEFAULT, SQL_Latin1_General_CP1_CI_AS}]
[--collation]
[--compute-model {Provisioned, Serverless}]
[--edition]
[--elastic-pool]
[--encryption-protector]
[--family]
[--federated-client-id]
[--ha-replicas]
[--keys]
[--ledger-on {Disabled, Enabled}]
[--license-type {BasePrice, LicenseIncluded}]
[--maint-config-id]
[--max-size]
[--min-capacity]
[--no-wait]
[--preferred-enclave-type {Default, VBS}]
[--read-scale {Disabled, Enabled}]
[--sample-name {AdventureWorksLT}]
[--service-level-objective]
[--tags]
[--umi]
[--yes]
[--zone-redundant {false, true}]

SQL Database

Terraform Name

Costs

Indirect Cost